Opera 7 vulnerabilities

From: GreyMagic Software (securityat_private)
Date: Thu Nov 14 2002 - 08:43:02 PST

Next message: FreeBSD Security Advisories: "FreeBSD Security Advisory FreeBSD-SA-02:41.smrsh"

Previous message: Mincu Alexandru: "Latest libpcap & tcpdump sources from tcpdump.org contain a trojan"
Next in thread: Thor Larholm: "RE: Opera 7 vulnerabilities"
Maybe reply: Thor Larholm: "RE: Opera 7 vulnerabilities"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

We've done some basic security tests, in cooperation with Tom Gilder, on the
new Opera 7 beta release and found two major security vulnerabilities. These
vulnerabilities are quite obvious and likely to be discovered by malicious
users.

Combined, they allow full read access to a victim's file system (including
both directories and files) and scripting access to any domain.

Full details will be released once Opera resolves these issues. In the
meanwhile, users are encouraged not to upgrade to Opera 7 or disable
scripting.

Next message: FreeBSD Security Advisories: "FreeBSD Security Advisory FreeBSD-SA-02:41.smrsh"
Previous message: Mincu Alexandru: "Latest libpcap & tcpdump sources from tcpdump.org contain a trojan"
Next in thread: Thor Larholm: "RE: Opera 7 vulnerabilities"
Maybe reply: Thor Larholm: "RE: Opera 7 vulnerabilities"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Nov 15 2002 - 20:12:22 PST